ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 58 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 58
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A company recently migrated its Amazon EC2 instances to VPC private subnets to satisfy a security compliance requirement. The EC2 instances now use a NAT gateway for internet access. After the migration, some long-running database queries from private EC2 instances to a publicly accessible third-party database no longer receive responses. The database query logs reveal that the queries successfully completed after 7 minutes but that the client EC2 instances never received the response.
Which configuration change should a network engineer implement to resolve this issue?

  • A. Configure the NAT gateway timeout to allow connections for up to 600 seconds.
  • B. Enable enhanced networking on the client EC2 instances.
  • C. Enable TCP keepalive on the client EC2 instances with a value of less than 300 seconds.
  • D. Close idle TCP connections through the NAT gateway.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by zaazanuna at March 19, 2023, 4:59 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
study_aws1
Highly Voted 1 year, 3 months ago
https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-troubleshooting.html#nat- gateway- troubleshooting-timeout It is Option C)
upvoted 11 times
...
tcp22
Highly Voted 1 year, 2 months ago
C Problem Your instances can access the internet, but the connection drops after 350 seconds. Cause If a connection that's using a NAT gateway is idle for 350 seconds or more, the connection times out. When a connection times out, a NAT gateway returns an RST packet to any resources behind the NAT gateway that attempt to continue the connection (it does not send a FIN packet). Solution To prevent the connection from being dropped, you can initiate more traffic over the connection. Alternatively, you can enable TCP keepalive on the instance with a value less than 350 seconds.
upvoted 7 times
...
AzureDP900
Most Recent 1 week, 2 days ago
Selected Answer: C
This will help prevent the NAT gateway from dropping the connection too early, allowing the long-running queries to complete and return any necessary response data.
upvoted 2 times
...
marfee
5 months ago
I think that It's correct answer is C.
upvoted 1 times
...
that1guy
1 year, 3 months ago
Selected Answer: C
See section "Internet connection drops after 350 seconds" from https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-troubleshooting.html
upvoted 3 times
...
ITgeek
1 year, 3 months ago
Selected Answer: C
C is correct
upvoted 2 times
...
helloworldabc
1 year, 3 months ago
CCCCCCCCC
upvoted 2 times
...
zaazanuna
1 year, 3 months ago
C - correct. When a TCP connection is idle for a long time, it may be terminated by network devices, including the NAT gateway. By enabling TCP keepalive, the client EC2 instances can periodically send packets to the third-party database to indicate that the connection is still active, preventing it from being terminated prematurely.
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago